GalA11yETableItem: Incorrect implementation of AtkObjectClass::ref_child()
Coming from:
https://bugzilla.gnome.org/show_bug.cgi?id=783245
Maybe the implementation of eti_ref_child() at gal-a11y-e-table-item.c:332 is wrong. This function implements AtkObjectClass::ref_child, which should return a new reference to an existing object, but it returns a newly created object. That might be the missing reference in the log (attached in the bug).
This can cause crash in:
#0 g_type_check_instance_is_fundamentally_a from /lib64/libgobject-2.0.so.0
#1 g_object_weak_unref from /lib64/libgobject-2.0.so.0
#2 expiry_func from /lib64/libatk-bridge-2.0.so.0
#3 g_timeout_dispatch from /lib64/libglib-2.0.so.0
#4 g_main_context_dispatch from /lib64/libglib-2.0.so.0
#5 g_main_context_iterate.isra.21 from /lib64/libglib-2.0.so.0
#6 g_main_loop_run from /lib64/libglib-2.0.so.0
#7 gtk_main from /lib64/libgtk-3.so.0
#8 main
I do not have exact reproducer, maybe something like:
- have accessibility enabled, like with
gsettings set org.gnome.desktop.interface toolkit-accessibility true
when running GNOME - run evolution in the Mail component wit
G_SLICE=always-malloc
- open composer (Ctrl+N)
- switch to the Mail window and close it (Alt+F4)
- wait about 15-20 seconds, till the Evolution crashes or prints on console: `